Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
9005/21 XT/mg 1
JAI.2 LIMITE EN
Council of the European Union
Brussels, 28 May 2021 (OR. en) 9005/21 LIMITE ECODEX 8 EJUSTICE 55 JUSTCIV 90 JAI 579 COPEN 238 DROIPEN 101 IXIM 93 DATAPROTECT 135 CSC 205
Interinstitutional File: 2020/0345(COD)
NOTE
From: General Secretariat of the Council
To: Permanent Representatives Committee/Council
No. prev. doc.: 8339/1/21 REV 1
No. Cion doc.: 13709/20
Subject: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on a computerised system for communication in cross-border civil and criminal proceedings (e-CODEX system), and amending Regulation (EU) 2018/1726
- Preparation for a general approach
I. INTRODUCTION
1. On 2 December 2020, the Commission presented a proposal for a Regulation of the European
Parliament and of the Council on a computerised system for communication in cross-border
civil and criminal proceedings (e-CODEX system), and amending Regulation (EU)
2018/1726, based on Articles 81(2) and 82(1) of the Treaty on the Functioning of the
European Union.
9005/21 XT/mg 2
JAI.2 LIMITE EN
2. Ensuring an effective access of citizens and businesses to justice and facilitating judicial
cooperation in civil and criminal matters between the Member States are among the main
objectives of the European Union’s Area of Freedom, Security and Justice enshrined in Title
V of the Treaty.
3. Information technology tools play a key role in accomplishing this goal. It is thus important
that appropriate channels are developed to ensure that justice systems can efficiently
cooperate in a digital way. Therefore, it is essential to establish, at Union level, a tool to
promote the digitalisation of communications between Member States in the context of cross-
border judicial cooperation in civil and criminal matters.
4. There are tools which have been developed for the digital exchange of case related data,
without replacing or requiring costly modifications to the existing back-end systems already
established in the Member States. The e-Justice Communication via On-line Data Exchange
(e-CODEX system), which allows swift, direct, interoperable, reliable and secure cross-border
electronic exchange of case related data, is the main such tool developed to date.
5. The e-CODEX system is a tool specifically designed to facilitate the cross-border electronic
exchange of any content transmissible in electronic form in the justice area. In the context of
increased digitalisation of judicial cooperation in civil and criminal matters, the aim of the
e-CODEX system is to improve the efficiency of cross-border communication between the
competent authorities and facilitate access to justice of citizens and businesses.
9005/21 XT/mg 3
JAI.2 LIMITE EN
6. Without laying down rules on the mandatory use of the e-CODEX system, the proposed
Regulation aims to ensure a sustainable legal framework for the system by handing over its
management to the European Union Agency for the operational management of large-scale IT
systems in the area of freedom, security and justice (eu-LISA), established by Regulation
(EU) 2018/1726 of the European Parliament and of the Council. Such legal framework clearly
defines and frames the components of the system and lays down rules regarding its
functioning and development in order to guarantee its long-term sustainability.
7. The proposal sets out the process of transferring the e-CODEX system from a consortium of
Member States – which is currently managing the e-CODEX system with funding from Union
programmes – to eu-LISA, as well as the work processes, once said transfer is in effect. In
order to guarantee the uninterrupted operation and maintenance of the system, the handover of
e-CODEX to eu-LISA should take place in the first half of 2023.
8. The Portuguese Presidency has included this file among its legislative priorities. To that
effect, the ad-hoc Working Party on the e-CODEX Regulation, which started its deliberations
in February, worked at an intensive pace.
II. MAIN ELEMENTS OF THE COMPROMISE
9. Considering the substantial progress made in the discussions of the ad-hoc Working Party, the
Presidency is of the opinion that a general approach can be achieved on the text of the
proposed Regulation.
9005/21 XT/mg 4
JAI.2 LIMITE EN
10. eu-LISA’s governance structure allows for the involvement of Member States in the
management of the system through participation in the Agency's Management Board,
Advisory Groups and Programme Management Boards. Nevertheless, in view of concerns
expressed by Member States and various stakeholders, the Presidency text has introduced
guarantees for the independence of the judiciary as regards the functioning of the e-CODEX
system, by expressly providing for oversight of the system by the Programme Management
Board. Complementing Member States' supervision, this body should ensure that all measures
taken by eu-LISA regarding the e-CODEX system, either technical or organisational,
guarantee, in particular, the independence of the judiciary.
11. Furthermore, it has been clarified that stakeholders and experts, including members of the
judiciary, legal practitioners and professional organisations which are affected by, use or
participate in the e-CODEX system, are to be involved in eu-LISA’s work.
12. In addition to the rules regarding the responsibilities of eu-LISA, the Commission, the
Member States and the entities operating authorised e-CODEX access points, the compromise
text also includes more details on the governance of the e-CODEX system, detailing the
duties of the various bodies involved, notably the Advisory Group and Programme
Management Board, both of which are permanent in nature.
13. Since it is crucial to ensure that the electronic exchange of data via the e-CODEX system
occurs in a secure and trusted manner, it has been clarified that the minimum technical
specifications and standards, to be established by means of implementing acts, should set the
security operating standards, namely in what regards to the connector.
9005/21 XT/mg 5
JAI.2 LIMITE EN
III. CONCLUSION
14. The adoption of the e-CODEX Regulation proposal is time-sensitive, as implementing acts
will have to be drafted and adopted before the actual transfer and eu-LISA will need to secure
resources and staffing for the e-CODEX system. This process could take several months, as
the expertise needed is specific and rigorous screening is required, in order to ascertain the
suitability of candidates.
15. Therefore, the timely adoption of a General Approach is of particular importance.
16. The proposed compromise text covers the whole of the Regulation, including recitals and
annex.
17. The Permanent Representatives Committee is therefore invited:
a) to approve the compromise package presented by the Presidency as set out in the Annex
below; and
b) to invite the Council to approve the general approach.
9005/21 XT/mg 6
ANNEX JAI.2 LIMITE EN
ANNEX
2020/0345 (COD)
Proposal for a
REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
on a computerised system for the electronic exchange of data [...] in the context of cross-
border civil and criminal matters [...] (e-CODEX system), and amending Regulation (EU)
2018/1726
(Text with EEA relevance)
THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,
Having regard to the Treaty on the Functioning of the European Union, and in particular Article
81(2) and Article 82(1) thereof,
Having regard to the proposal from the European Commission,
After transmission of the draft legislative act to the national parliaments,
Having regard to the opinion of the European Economic and Social Committee1,
Acting in accordance with the ordinary legislative procedure,
1 OJ C , , p. .
9005/21 XT/mg 7
ANNEX JAI.2 LIMITE EN
Whereas:
(1) Ensuring an effective access of citizens and businesses to justice and facilitating judicial
cooperation in civil and criminal matters between the Member States are among the main
objectives of the EU’s Area of Freedom, Security and Justice enshrined in Title V of the
Treaty.
(2) It is thus important that appropriate channels are developed to ensure that justice systems
can efficiently cooperate in a digital way. Therefore, it is essential to establish, at Union
level, an information technology instrument that allows swift, direct, interoperable, reliable
and secure cross-border electronic exchange of case related data. [...]
(3) There are tools which have been developed for the digital exchange of case related data,
without replacing or requiring costly modifications to the existing back-end systems already
established in the Member States. The e-Justice Communication via On-line Data Exchange
(e-CODEX) system is the main such tool developed to date.
(4) The e-CODEX system is a tool specifically designed to facilitate the cross-border electronic
exchange of messages in the justice area. In the context of increased digitalisation of
proceedings in civil and criminal matters, the aim of the e-CODEX system is to improve the
efficiency of cross-border communication between the competent authorities and facilitate
access to justice of citizens and businesses. It has been managed up to date by a consortium
of Member States and organisations with funding from Union programmes
(4a) This Regulation concerns electronic exchange of data in the context of cross-border
judicial cooperation in civil and criminal matters. Judicial cooperation in civil and
criminal matters and the respective competences of judicial or other authorities should
be understood in accordance with the Union legal acts and the case law of the Court of
Justice of the European Union.
9005/21 XT/mg 8
ANNEX JAI.2 LIMITE EN
(4b) For the purposes of this Regulation, electronic exchange of data includes any content
transmissible in electronic form by means of the e-CODEX system, such as text or
sound, visual or audiovisual recording, in the form of either structured or
unstructured data, files or metadata.
(4c) Whereas the use of electronic exchange of data may be governed by Union legal acts,
this Regulation does not contain rules on the mandatory use of the e-CODEX system.
Similarly, nothing in this Regulation should prevent Member States from developing
and maintaining pilot use cases. Those pilot use cases should not be understood in the
meaning of pilot projects governed by Article 15 of Regulation (EU) 2018/1726. In such
cases, it is up to participating Member States to decide whether to proceed in
accordance with Article 7(1) of this Regulation. The Advisory Group may be involved
in the development of new digital procedural standards.
(4d) The e-CODEX system should be viewed as the preferred solution for an interoperable,
secure and decentralised communication network between national IT systems in
cross-border judicial cooperation in civil and criminal matters.
(5) The e-CODEX system consists of two software elements: a [...] gateway [...] for the
exchange of messages with other gateways and a [...] connector [...], which provides a
number of functionalities related to the transmission of messages between national systems.
Currently, the gateway is based on the eDelivery building block maintained by the
Commission, while the [...] management of the connector is carried out by a consortium of
Member States and organisations with funding from Union Programmes (the entity
managing the e-CODEX system). The connector software provides functions such as
verification of electronic signatures via a security library and proof of delivery. In addition,
the entity managing the e-CODEX system has developed data schemas [...] for digital
forms to be used in the specific civil and criminal procedures for which it has piloted the
e-CODEX system.
9005/21 XT/mg 9
ANNEX JAI.2 LIMITE EN
(5a) The e-CODEX system provides an interoperable solution for the Justice sector to
connect the IT systems of the competent national authorities, such as the judiciary, or
other organisations.
(5b) The European Interoperability Framework (EIF (COM/2017/0134 FINAL)) is a
commonly agreed approach to the delivery of European public services in an
interoperable manner of which the e-CODEX system should be a specific
implementation for the justice domain. For the purpose of this Regulation the term
interoperable takes into account the EIF.
(6) Given the importance of the e-CODEX system for cross-border exchanges in the justice area
in the Union, there should be a sustainable Union legal framework establishing the
e-CODEX system and providing rules regarding its functioning and development. Such
legal framework should clearly define and frame the components of the e-CODEX system in
order to guarantee its technical sustainability. The system should define the IT components
of an access point, which should consist of a gateway for the purpose of secure
communication with other identified gateways and a connector for the purpose of supporting
the message exchanges. It should also include digital procedural standards consisting of the
business process models and data schemas [...] defining the electronic format of the data
exchanged [...] in the context of those procedures to support the use of e-CODEX access
points for legal procedures provided for by legal acts adopted in the area of judicial
cooperation in civil and criminal matters and to enable the exchange of information
between the access points. [...]
(6a) Given that semantic interoperability should be a contributing factor to achieve the
objective of this Regulation of a standardised and meaningful interaction between two
or more parties, particular consideration should be attributed to the EU e-Justice Core
Vocabulary.
9005/21 XT/mg 10
ANNEX JAI.2 LIMITE EN
(7) Since it is necessary to ensure the long term sustainability of the e-CODEX system and its
governance while taking into account the independence of the national judiciaries, an
appropriate entity for the [...] management of the system should be designated.
(8) The most appropriate entity for the [...] management of the system is an agency, since its
governance structure allows for the involvement of Member States in the [...] management
of the system through participation in the Agency's Management Board, Advisory Groups
and Programme Management Boards. The European Union Agency for the operational
management of large-scale IT systems in the area of freedom, security and justice (eu-LISA)
established by Regulation (EU) 2018/1726 of the European Parliament and of the Council2
has relevant experience in managing large-scale IT Systems. eu-LISA should therefore be
entrusted with the [...] management of the e-CODEX system. It is also necessary to adjust
the existing governance structure of eu-LISA by adapting the responsibilities of its
Management Board and by establishing an e-CODEX Advisory Group. Regulation (EU)
2018/1726 should therefore be amended accordingly. A specific Programme Management
Board should also be established.
(9) According to Article 19 of Regulation (EU) 2018/1726 the role of the Management Board of
eu-LISA is to ensure that all decisions and actions of the Agency affecting large-scale IT
systems in the area of freedom, security and justice respect the principle of independence of
the judiciary. The governance structure of the Agency and financing scheme further
guarantee the respect of that principle. It is also important to involve the legal professions,
other experts and stakeholders in the governance of the e-CODEX system through the
Advisory Group and the Programme Management Board.
2 Regulation (EU) 2018/1726 of the European Parliament and of the Council of 14 November
2018 on the European Union Agency for the Operational Management of Large-Scale IT
Systems in the Area of Freedom, Security and Justice (eu-LISA), and amending Regulation
(EC) No 1987/2006 and Council Decision 2007/533/JHA and repealing Regulation (EU) No
1077/2011 (OJ L 295, 21.11.2018, p. 99)
9005/21 XT/mg 11
ANNEX JAI.2 LIMITE EN
(10) Given eu-LISA's priority tasks of developing and managing the Entry/Exit System (EES),
the European Travel Information and Authorisation System (ETIAS), the European Criminal
Records Information System for Third Country Nationals (ECRIS-TCN), the revised
Schengen Information System (SIS), the Visa Information System (VIS) and Eurodac, as
well as the strategic task to establish a framework for interoperability between EU
information systems, eu-LISA should not take over the responsibility for the e-CODEX
system earlier than on 1 July 2023.
(11) The e-CODEX system can be used in cross-border civil and criminal matters [...].
Although the e-CODEX system [...] could also be used in other situations [...], this
Regulation only applies to the cross-border exchange of data between connected
systems via authorised e-CODEX access points, in accordance with the corresponding
digital procedural standards.
(12) eu-LISA should have responsibility for the components of the e-CODEX system, except for
the [...] management of the [...] gateway software, since that software is currently provided
on a cross-sectoral basis within the eDelivery building block by the Commission. eu-LISA
should take over full responsibility for the [...] management of the [...] connector software
and the digital procedural standards from the entity managing the e-CODEX system until
the handover. Given that the [...] gateway and the [...] connector are integral components of
e-CODEX, eu-LISA should assure compatibility of the connector with the latest version of
the gateway. To that end, the Commission should include eu-LISA in the relevant
governance body of the eDelivery building block from the moment of the entry into force of
this Regulation.
9005/21 XT/mg 12
ANNEX JAI.2 LIMITE EN
(13) In order to ensure uniform conditions for the implementation of this Regulation,
implementing powers should be conferred on the Commission. Those powers should be
exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and
of the Council3. The implementing acts adopted in that framework should establish the
minimum technical specifications and standards, including on security and methods for
integrity and authenticity verification, underpinning the components of the e-CODEX
system; establish the service level requirements for the activities carried out by eu-LISA and
other necessary technical specifications for these activities; and establish the specific
arrangements [...] of the handover/takeover process. Implementing acts could also establish
the technical arrangements supporting the use of the e-CODEX system in the procedures in
the area of judicial cooperation in civil and criminal matters.
(13a) The connector should be able to technically support all types of electronic seals and
electronic signatures as provided for in Regulation (EU) No 910/2014. The
establishment of minimum technical specifications and standards should set the
security operating standards, namely in what regards to the connector. The security
requirements on the functioning of the connector should take into account security
standards for information security and existing European legislation, such as
Regulation (EU) No 910/2014, Regulation (EU) 2016/679, Directive (EU) 2016/680 and
Regulation (EU) 2018/1725.
3 Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16
February 2011 laying down the rules and general principles concerning mechanisms for
control by Member States of the Commission's exercise of implementing powers
(OJ L 55, 28.2.2011, p. 13).
9005/21 XT/mg 13
ANNEX JAI.2 LIMITE EN
(13b) E-CODEX Correspondents should be entitled to [...] receive technical support under
this Regulation. The service level requirements for the activities to be carried out by
eu-LISA could address the matter of the number of e-CODEX correspondents in
Member States and in the Commission, either by providing for a limited number of
correspondents or service levels which vary according to the number of requests for
support.
(14) eu-LISA's specific responsibilities in relation to the [...] management of the e-CODEX
system should be laid down.
(14a) The tasks of eu-LISA include the addition of new features. One of such new features
could be a feature in the connector allowing for the retrieval of relevant statistical data
regarding the number of technical messages sent and received through each authorised
e-CODEX access point.
(15) The Member States should maintain a list of authorised e-CODEX access points needed for
the connected systems [...] within their territory, and communicate them to eu-LISA in
order to enable the interaction between them in the context of the relevant procedures. The
Commission should maintain a similar list of authorised e-CODEX access points operated
by the Union institutions, bodies and agencies for the same reason. The entities operating
eCODEX [...] access points at national level may be public authorities, organisations
representing legal practitioners or private companies. Bearing in mind the decentralised
nature of the e-CODEX system, while eu-LISA should ensure the [...] management of the
e-CODEX system, the responsibility for setting up and operating the authorised e-CODEX
access points should lie exclusively with the entities operating the relevant access points. On
the basis of the applicable law, the entities operating the authorised e-CODEX access point
should bear the responsibility for any damage resulting from the operation of the authorised
e-CODEX access point.
9005/21 XT/mg 14
ANNEX JAI.2 LIMITE EN
(15a) Member States should supervise their authorised e-CODEX access points, in particular
when they are operated by entities that are not part of the public administration.
(16) [...] A mechanism should be put in place to monitor [...] the impact[...] of instruments that
enable the transmission of electronic data in the context of cross-border civil and criminal
matters [...] in the Union. [...] The entities operating authorised e-CODEX access points
should therefore be able to systematically collect and maintain comprehensive data on its
[...] use [...]. This should not only alleviate the work of the Member States in collecting the
relevant data and ensure mutual accountability and transparency, but also significantly
facilitate the ex-post monitoring of the legal acts adopted in the area of civil and criminal
cooperation by the Commission. The collected information should only encompass
aggregated data and should not constitute personal data.
(16a) When providing technical support to e-CODEX correspondents in relation with the e-
CODEX system, eu-LISA should act as a single point of contact, including for the
gateway.
[...](17)eu-LISA should maintain a high level of security when carrying out its tasks. When
undertaking further technical evolutions of software, eu-LISA should implement the
principles of security by design and data protection by design and by default, in accordance
with Regulation (EU) 2018/1725. The entities operating the authorised e-CODEX access
point should bear the responsibility for the security of the data transmitted via their access
points.
(18) Classified information, as set out in Article 2 of the Agreement between the Member
States of the European Union, meeting within the Council, regarding the protection of
classified information exchanged in the interests of the European Union (OJ C 202,
8 July 2011, p.13), should not be transmitted via e-CODEX, unless the relevant rules
are fulfilled. [...]
9005/21 XT/mg 15
ANNEX JAI.2 LIMITE EN
(19) In order to allow eu-LISA to prepare the takeover adequately, the entity managing the e-
CODEX system should prepare by 31 December 2022 a handover document setting out the
detailed arrangements for the transfer of the e-CODEX system, including the criteria for a
successful handover process and its completion, in accordance with implementing acts
adopted by the Commission pursuant to this Regulation. The handover document should
cover the components of the e-CODEX system including the gateway, the connector and the
digital procedural standards, as well as the relevant supporting software products,
documentation and related assets [...]. The Commission should monitor the
handover/takeover process in order to ensure its compliance with the implementing acts and
the handover document, and the takeover should only take place once the Commission has
declared that the process has been successfully completed, after consulting the entity
managing the e-CODEX system until the handover. After submitting the handover
document and until the successful handover of the e-CODEX system to eu-LISA, the entity
managing the e-CODEX system should not perform changes to the system or deliver any
new software release beyond what is necessary to ensure its corrective maintenance
[...].
(20) The handover should also ensure that any intellectual property rights or usage rights relating
to the e-CODEX system and the relevant supporting products are transferred so as to enable
eu-LISA to carry out its responsibilities under this Regulation. However, for the main
software components of the system, a contractual transfer should not be needed, as the [...]
software is open source and covered by the European Union Public Licence (EUPL).
9005/21 XT/mg 16
ANNEX JAI.2 LIMITE EN
(21) In order for the Commission to be able to evaluate the e-CODEX system on a regular basis,
eu-LISA should report to the Commission every two years on the technical evolution and
the technical functioning of the e-CODEX system. In order to feed into that report, Member
States should provide eu-LISA with the relevant information concerning the access points
needed for the connected systems [...] in their territory and the Commission should provide
similar information concerning the access points operated by Union institutions, bodies and
agencies.
(21a) The e-CODEX Advisory Group should provide eu-LISA with the necessary expertise
related to the e-CODEX system, in particular by promoting the exchange of
experiences and best practices, including in relation to pilot use cases not falling under
the scope of this Regulation.
(21b) The procedure for the development of new use cases within eu-LISA pursuant to this
Regulation is without prejudice to further evolution of the European e-Justice Strategy
and Action Plan4 fostering the development of such cases which should be considered
by eu-LISA.
(21c) The term of office of the members of the Programme Management Board and their
alternates is renewable, but due consideration should be given to the representation of
different Member States on the Programme Management Board, which is to be
promoted whenever possible so as to ensure participation of all Member States over
time.
(21d) In fulfilment of its duties, the Programme Management Board should ensure [...] that
all measures taken by eu-LISA regarding the e-CODEX system, either technical (for
instance, concerning infrastructure, data management and data separation) or
organisational (for instance, concerning key personnel and other human resources),
are in accordance with the guarantees of independence of the judiciary.
4 OJ C 96, 13.3.2019, p. 3.
9005/21 XT/mg 17
ANNEX JAI.2 LIMITE EN
(21e) The commitment of resources to the operation of the e-CODEX system in accordance
with this Regulation should be understood as preventing eu-LISA from defunding or
taking resources away from the e-CODEX system for the benefit of other projects.
(21f) As regards the costs incurred in the performance of tasks laid down by this Regulation,
nothing in the Regulation will prevent Member States from applying for funding for
their national e-CODEX implementation from EU financing programmes.
(21g) Insofar as permitted by national legislation, nothing in this Regulation prevents the
submission of information to eu-LISA in an automated way, in particular the
notifications provided for under Article 14.
(22) This Regulation does [...] not provide any specific legal basis for processing personal data.
Any processing of personal data performed in the framework of this Regulation should be in
accordance with the applicable data protection rules. Regulation (EU) 2016/679 of the
European Parliament and the Council5 and Directive (EU) 2016/680 of the European
Parliament and the Council6, apply to the processing of personal data carried out by
e-CODEX access points, operated by authorised e-CODEX access points which are
established within the territory of the Member States according to this Regulation.
5 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016
on the protection of natural persons with regard to the processing of personal data and on the
free movement of such data, and repealing Directive 95/46/EC (General Data Protection
Regulation) (OJ L 119, 4.5.2016, p. 1). 6 Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on
the protection of natural persons with regard to the processing of personal data by competent
authorities for the purposes of the prevention, investigation, detection or prosecution of
criminal offences or the execution of criminal penalties, and on the free movement of such
data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016,
p. 89).
9005/21 XT/mg 18
ANNEX JAI.2 LIMITE EN
(23) Regulation (EU) 2018/1725 of the European Parliament and of the Council7 applies to the
processing of personal data carried out by Union institutions, bodies, offices and agencies in
the context of this Regulation.
(23a) This Regulation respects the fundamental rights and observes the principles recognised
in the Charter of Fundamental Rights of the European Union. In particular, this
Regulation seeks to promote the application of the Charter, and of Article 47 thereof,
concerning the right to an effective remedy and to a fair trial.
(23b) Since the objectives of this Regulation to establish the e-CODEX system at EU level,
and to entrust the eu-LISA Agency with the system’s management cannot be
sufficiently achieved by the Member States and can rather, by reason of the scale and
effects of this Regulation, be better achieved at Union level, the Union may adopt
measures, in accordance with the principle of subsidiarity as set out in Article 5 of the
Treaty on European Union. This Regulation is directly applicable in all Member States
and binding in its entirety. It therefore guarantees a uniform application of the rules
across the EU and their entry into force at the same time. It offers legal certainty by
avoiding divergent interpretations in the Member States, thus preventing legal
fragmentation. In accordance with the principle of proportionality as set out in that
Article, this Regulation does not go beyond what is necessary to achieve that objective.
(24) In accordance with Articles 1 and 2 of Protocol No 22 on the position of Denmark, annexed
to the Treaty on European Union and to the Treaty on the Functioning of the European
Union, Denmark is not taking part in the adoption of this Regulation and is not bound by it
or subject to its application.
7 Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October
2018 on the protection of natural persons with regard to the processing of personal data by
the Union institutions, bodies, offices and agencies and on the free movement of such data,
and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (Text with EEA
relevance.) (OJ L 295, 21.11.2018, p. 39).
9005/21 XT/mg 19
ANNEX JAI.2 LIMITE EN
(25) In accordance with Articles 1, 2 and 4a(1) of Protocol No 21 on the position of the United
Kingdom and Ireland in respect of the area of freedom, security and justice, annexed to the
Treaty on European Union and to the Treaty on the Functioning of the European Union, and
without prejudice to Article 4 of that Protocol, Ireland is not taking part in the adoption of
this Regulation and is not bound by it or subject to its application.
[...]
(27) The European Data Protection Supervisor was consulted and delivered an opinion on …8,
8 OJ ...
9005/21 XT/mg 20
ANNEX JAI.2 LIMITE EN
HAVE ADOPTED THIS REGULATION:
CHAPTER 1
General Provisions
Article 1
Subject matter
This Regulation establishes the legal framework for the e-CODEX system […].
It lays down rules on the following:
(a) the definition, […] composition, functions and management of the e-CODEX system;
(b) the responsibilities […] of the […] European Agency for the operational management of
large-scale IT systems in the area of freedom, security and justice (eu-LISA) regarding
the e-CODEX system;
(c) the responsibilities of the Commission, Member States and the entities operating
authorised e-CODEX access points.
Article 2
Scope
This Regulation shall apply to the electronic exchange of data […] in the context of cross-border
judicial cooperation in […] civil and criminal matters […]by means of the e-CODEX system in
accordance with the legal acts adopted in that […] area […].
9005/21 XT/mg 21
ANNEX JAI.2 LIMITE EN
Article 3
Definitions
For the purpose of this Regulation, the following definitions shall apply:
(a) ‘e-CODEX system’ (e-Justice Communication via Online Data Exchange in the area
of justice) means a decentralised and interoperable system for cross-border
communication for the purpose of facilitating electronic exchange of data in a secure
and trusted manner in the area of justice;
(b) ‘e-CODEX access point’ means the […] software packages installed on a hardware
infrastructure, able to transmit and receive information to and from other e-CODEX
access points in a secure and trusted manner;
(c […]) ‘authorised e-CODEX access point’ means an e-CODEX access point authorised by a
Member State or the Commission which has been notified to eu-LISA in accordance
with Article 5(4) or Article 7(1) and which is operating a digital procedural standard as
referred to in (h) [...];
(d […]) ‘entity operating an authorised e-CODEX access point’ means a European Union
institution, body, office or agency, [...] or a national public authority or legal person which
is operating an authorised e-CODEX access point;
(e [...]) ‘connected system’ means an IT system which is connected to an e-CODEX access point
for the purpose of exchanging data [...] with other connected systems [...];
(f […] ) ‘central testing platform’ means an e-CODEX system component [...] used exclusively for
testing, that provides a set of functions which can be used by entities operating authorised
e-CODEX access points to verify the correct operation of their access points and the
correct use of the e-CODEX digital procedural standards in the connected systems
associated [...] to those [...] access points;
9005/21 XT/mg 22
ANNEX JAI.2 LIMITE EN
[...]
(g […] ) ‘business process model’ means a graphical and textual representation of a conceptual
model of several related, structured activities or tasks, along with the relevant data models,
and the sequence in which the activities or tasks have to be performed, in order to achieve
a standardised and meaningful interaction between two or more parties;
(h) ‘digital procedural standard’ means the technical specifications on business process
models as referred to in (g) and the data schemas based on the EU e-Justice Core
Vocabulary defining the electronic structure of the data exchanged in the context of
the e-CODEX system;
(i) ‘e-CODEX correspondent’ means a person, designated by a Member State or the
Commission, who can receive assistance from eu-LISA concerning all the e-CODEX
system components in accordance with Article 6(3).
[…]
CHAPTER 2
Composition, functions and responsibilities in relation to the e-
CODEX system
Article 4
Composition of the e-CODEX system
1. The e-CODEX system shall be composed of an e-CODEX access point, [...] digital
procedural standards and the supporting software products, documentation and related
assets, listed in Annex I [...].
9005/21 XT/mg 23
ANNEX JAI.2 LIMITE EN
2. The e-CODEX access point shall be composed of:
(a) a gateway consisting of a software, based on a common set of protocols, enabling the
secure exchange of information over a telecommunications network with other
gateways using the same common set of protocols;
(b) a connector, making it possible to link connected systems to the gateway referred to
in point (a), and consisting of a software, based on a common set of open protocols,
enabling the following:
(i) structuring, logging and linking of messages;
(ii) the verification of their integrity and authenticity;
(iii) the creation of time-linked evidences of receipt for the exchanged messages.
[…]
Article 5
Responsibilities of the Commission
1. By 31 December 2022 the Commission shall establish, by means of implementing acts:
(a) the minimum technical specifications and standards, including on security and
methods for integrity and authenticity verification [...], underpinning the
components of the e-CODEX system referred to in Article 4;
(b) the service level requirements for the activities to be carried out by eu-LISA in
accordance with Article 6 as well as other necessary technical specifications for
those activities.
(c) the specific arrangements of the handover/takeover process referred to in Article 9.
9005/21 XT/mg 24
ANNEX JAI.2 LIMITE EN
2. [...] The Commission may adopt […] , by means of implementing acts, [...]the digital
procedural standards defined in Article 3(h), unless the adoption of such standards is
foreseen in other Union legal acts in the area of cross-border judicial cooperation in
civil and criminal matters. [...].
3. The implementing acts referred to in paragraphs 1 and 2 shall be adopted in accordance
with the examination procedure referred to in Article 17(2).
4. The Commission shall maintain a list of authorised e-CODEX access points which are
operated by Union institutions, bodies, offices and agencies, and the digital procedural
standards [...] which each access point is authorised to apply. It shall notify the changes to
eu-LISA without delay, [...].
5. The Commission shall designate […] e-CODEX correspondents. Only those e-CODEX
correspondents shall be entitled to [...] receive technical support referred to in
Article 6(1 […] )(f) [...] in relation to the e-CODEX system operated by Union institutions,
bodies, offices and agencies, under the terms defined in the implementing act pursuant
to paragraph 1 (b) of the present article.
Article 6
Responsibilities of eu-LISA
1. eu-LISA shall be responsible for […] the components of the e-CODEX system referred to
in Article[...] 4[...] with the exception of the gateway [...] and, in particular, for the
following tasks :
[...]
9005/21 XT/mg 25
ANNEX JAI.2 LIMITE EN
(a) development, maintenance, [...] bug fixes and updates, including on security [...]
and distribution to the entities operating authorised e-CODEX access points of the
software products and related assets […];
(b) addition of new features, published as new software versions, in order to
respond to emerging requirements, namely those laid down by the
implementing acts referred to in Article 5(2) or by the e-CODEX Advisory
Group;
(c [...])preparation [...], maintenance, update and distribution [...] to the entities
operating authorised e-CODEX access points of the [...] documentation relating to
the components of the e-CODEX system, [...] its supporting software products and
the related assets [...];
(d [...])development, maintenance, update and distribution to the entities operating
authorised e-CODEX access points of a configuration file containing an exhaustive
list of authorised e-CODEX access points, including the digital procedural
standards that [...] each of those [...] access points is authorised to apply;
[...]
(e) support and coordination of testing activities, including connectivity, involving the
authorised e-CODEX access points;
(f) technical support for the e-CODEX correspondents in relation to the e-CODEX
system;
[...]
9005/21 XT/mg 26
ANNEX JAI.2 LIMITE EN
(g [...]) publication on the eu-LISA website of a list of the authorised e-CODEX access
points, which have been notified to eu-LISA, and the digital procedural standards
that [...] each of those [...] access points is authorised to apply;
(h [...]) respond to requests for technical advice and support from the Commission services
in the context of the preparation of the implementing acts provided for in
Article 5(2);
(i [...]) identification, assessment and preparation […] of new digital procedural
standards [...], including by organising and facilitating workshops with the
e-CODEX correspondents.
(j) development, deployment, maintenance, update and distribution to the entities
operating authorised e-CODEX access points of the digital procedural
standards and of the EU e-Justice Core Vocabulary on which they are based;
(k) development, maintenance, and update of the EU e-Justice Core Vocabulary on
which the digital procedural standards are based;
(l [...]) development and distribution [...] of security operating standards, as provided
for in Article 10;
(m [...]) provision of training on the technical use of the e-CODEX system in
accordance with Regulation (EU) 2018/1726, including provision of online
training materials.
2 [...]. eu-LISA shall be responsible for the following additional tasks:
(a) provision, operation and maintenance in eu-LISA's technical sites of the hardware
and software IT infrastructure necessary for carrying out its tasks;
(b) provision, operation and maintenance of a central testing platform;
9005/21 XT/mg 27
ANNEX JAI.2 LIMITE EN
(c) informing the general public through the Internet about e-CODEX, by means of a set
of large-scale communication channels, such as websites or social media platforms;
(d) preparation, update and online distribution of non-technical information relating to
the e-CODEX system and the activities carried out by eu-LISA.
3 [...]. For the purposes of paragraph 1(f), eu-LISA shall make resources available on an on-
call basis during business hours to provide e-CODEX correspondents with a single point
of contact for technical support, including for the gateway [...].
[…].
Article 7
Responsibilities of the Member States
1. Member States shall authorise e-CODEX access points [...] needed for the connected
systems in their territory in accordance with the applicable national and Union law
and shall maintain a list of those [...] access points [...] as well as of the digital
procedural standards [...] which each access point is authorised to apply. Member States
shall not operate their authorised access points in Third Countries and they shall
supervise [...] their authorised e-CODEX access points, ensuring that the conditions
under which authorisation was granted are continuously met, and notify the changes
to eu-LISA without delay[...].
2. [...] Member States shall designate […] e-CODEX correspondents. Only those
correspondents shall be entitled to [...] receive the technical support referred to in
Article 6(1 [...])(f) in accordance with [...] the terms defined in the implementing act
pursuant to Article 5(1)(b).
9005/21 XT/mg 28
ANNEX JAI.2 LIMITE EN
Article 8
Responsibilities of entities operating authorised e-CODEX access points
1. The entity operating an authorised e-CODEX access point shall be responsible for its
secure set-up and operation. This responsibility shall include the necessary adaptations to
the connector referred to in Article 4(2)(b) to make it compatible with any connected
systems [...].
2. The entity operating an authorised e-CODEX access point shall provide to the Member
State which has authorised the access point the [...] statistical data […] defined in [...]
Article 14 (1) and (2) (a […]) and in [...] the relevant provisions of the legal Union acts
adopted [...] in the area of judicial cooperation in civil and criminal matters [...].
3. The responsibility [...] for any damage resulting from the operation of an authorised
e-CODEX access point and any connected systems shall be borne, on the basis of the
applicable law, by the entity operating that authorised e-CODEX access point.
Article 9
Handover and takeover
1. The entity managing the e-CODEX system until the handover [...] shall, by
31 December 2022 at the latest, submit a common handover document to eu-LISA
specifying the detailed arrangements for the transfer of the e-CODEX system, including
the criteria for a successful handover process and completion and related documentation,
as established by the implementing acts adopted pursuant to Article 5(1)(c). [...] The
handover document [...] shall also include provisions on intellectual property rights or
usage rights relating to the e-CODEX system and the supporting software products,
documentation and related assets, listed in Annex I [...] enabling eu-LISA to carry out its
responsibilities in accordance with Article 6.
9005/21 XT/mg 29
ANNEX JAI.2 LIMITE EN
2. [...] Within a period of six months after the delivery of the handover document referred to
in paragraph 1 a handover/takeover process shall take place between the entity managing
the e-CODEX system and eu-LISA. During that period, the entity managing the e-CODEX
system until the handover shall retain full responsibility for it [...] and shall ensure that no
changes to the system are performed or any new release is delivered other than for
the purpose of carrying out corrective maintenance of the system [...].
3. The Commission shall monitor the handover/takeover process in order to ensure that the
detailed arrangements of the process are correctly implemented by the entity managing the
e-CODEX system until the handover and eu-LISA, on the basis of the criteria referred to
in paragraph 1.
4. eu-LISA shall take over responsibility for the e-CODEX system not earlier than on
1 July 2023. The handover will take place at the date when the Commission declares
[...] the successful completion of the handover/takeover process referred to in paragraph 2,
after consulting the entity managing the e-CODEX system until the handover and
eu-LISA, [...].
9005/21 XT/mg 30
ANNEX JAI.2 LIMITE EN
Article 10
Security
1. After the successful takeover of the e-CODEX system, eu-LISA shall be responsible for
maintaining a high level of security when carrying out its tasks, including the security of
the hardware and software IT infrastructure referred to in Article 6(2 [...]). In particular,
eu-LISA shall ensure that an e-CODEX security plan is established and maintained and
that the e-CODEX system is operated according to this security plan, taking into account
the classification of the information processed in e-CODEX and eu-LISA information
security rules. Such a plan shall provide for regular security inspections and audits
including software security assessments of the e-CODEX system with the participation of
the entities operating an e-CODEX access point.
2. When carrying out its responsibilities, eu-LISA shall implement the principles of security
by design and data protection by design and by default. [...]
3. The entity operating an authorised e-CODEX access point shall have the exclusive
responsibility for its secure set-up and operation taking into consideration the
technical standards set out under Article 5(1)(a), as well as those laid down in
paragraph 5 of this Article [...].
4. It shall without delay notify any security incident [...] to eu-LISA and to the Member State
that maintains the list of authorised e-CODEX access points where that access point is
listed, or, in the case of an access point operated by a Union institution, body, office or
agency, to the Commission.
5. Following the detection of any vulnerabilities or security incidents by eu-LISA or the
notification of security incidents provided for in paragraph 4, eu-LISA shall analyse
the security incident and inform without delay the entities operating authorised
e-CODEX access points impacted by it and the Advisory Group
9005/21 XT/mg 31
ANNEX JAI.2 LIMITE EN
6. eu-LISA shall develop security rules and guidance regarding e-CODEX access points. The
entity operating an authorised e-CODEX access point shall provide eu-LISA with
statements proving its compliance with the security rules […] of e-CODEX access points.
Those statements shall be updated on a yearly basis, or whenever a change is otherwise
required.
Article 11
e-CODEX Advisory Group
1. As from 1 January 2023, the e-CODEX Advisory Group established pursuant to Article
27(dc) of Regulation (EU) 2018/1726 shall provide eu-LISA with the necessary expertise
related to the e-CODEX system, in particular in the context of preparation of its annual
work programme and its annual activity report. The Advisory Group may set up sub-
groups for the purpose of examining specific matters, including supporting specific
digital procedural standards. [...]
2. The Advisory Group shall, in particular [...]:
(a) follow up on the state of implementation in the Member States;
(b) identify, assess and prepare new digital procedural standards;
(c) promote knowledge sharing;
(d) monitor eu-LISA's compliance with the service level requirements set out in the
implementing act adopted pursuant to [...] Article 5(1)(b);
[...]
(e [...])provide an opinion on a draft version of the report provided for in Article 15.
9005/21 XT/mg 32
ANNEX JAI.2 LIMITE EN
3. During the handover/takeover process the e-CODEX Advisory Group shall meet regularly,
at least every second month, until the takeover process is successfully completed, and at
least every six months thereafter [...].
4 [...]. The e-CODEX Advisory Group shall report after each meeting to the Programme
Management Board. It shall provide the technical expertise to support the tasks of the
Programme Management Board [...].
5 [...]. The e-CODEX Advisory Group shall involve stakeholders and experts in its work,
including members of the judiciary, legal practitioners[...]and professional
organisations, which are affected by, use or participate [...] in [...] the e-CODEX
system [...].
Article 12
Programme Management Board
1. By 1 January 2023, the Management Board of eu-LISA shall establish a permanent [...]
e-CODEX Programme Management Board [...]. It shall advise the Management Board
of eu-LISA on the long-term sustainability of the e-CODEX system, in particular [...]
with regard to the prioritisation of activities and other strategic commitments, ensure
the adequate management of the system and monitor the guarantees of the
independence of the judiciary, prompting preventive or corrective action, where
necessary. The Programme Management Board has no mandate to represent the
members of the Management Board.
9005/21 XT/mg 33
ANNEX JAI.2 LIMITE EN
2. The Programme Management Board shall be composed of ten members: the Chair of the
Advisory Group, referred to in Article 11, eight members appointed by the Management
Board, [...] and one member appointed by the Commission. Each member shall have an
alternate. The Management Board shall ensure that the members of the Programme
Management Board and their alternates [...] have the necessary experience and
expertise regarding the performance of their tasks [...].
3. The term of office of the members and their alternates shall be four […] years and
shall [...] be renewable.
4 [...]. eu-LISA shall participate in the work of the Programme Management Board. To that end,
representatives of eu-LISA shall attend the meetings of the Programme Management
Board in order to report on work regarding the e-CODEX system and on any other related
work and activities.
5 [...]. The Programme Management Board shall meet at least once every six [...] months, and
more often when necessary. [...]. The Programme Management Board shall submit written
reports regularly and if possible every sixth [...] month to the Management Board of eu-
LISA on the progress of the system [...]. [...]
6 [...]. The Programme Management Board shall establish its rules of procedure which shall
include in particular rules on:
(a) choice of the chairperson and of the deputy chairperson and their term of office;
(b) meeting venues;
(c) preparation of meetings;
9005/21 XT/mg 34
ANNEX JAI.2 LIMITE EN
(d) admission of stakeholders and experts [...] to the meetings, including members of
the judiciary, legal practitioners, [...]and professional organisations which are
affected by, use or participate [...] in [...] the e-CODEX system [...];
(e) communication plans ensuring that non-participating members of the Management
Board are kept fully informed.
7 [...]. [...] Article 21(1) of Regulation (EU) 2018/1726 shall apply mutatis mutandis as
regards the chairperson and the deputy chairperson of the Programme Management
Board. [...]
8 [...]. All travel and subsistence expenses incurred by the members of the Programme
Management Board shall be paid by eu-LISA. Article 10 of the eu-LISA Rules of
Procedure shall apply mutatis mutandis.
9 [...]. The Programme Management Board's secretariat shall be ensured by eu-LISA.
[…]
Article 13a
Independence of the judiciary
1. When carrying out the responsibilities provided for in this Regulation, all entities
shall ensure that their decisions and actions respect the principle of independence of
the judiciary.
9005/21 XT/mg 35
ANNEX JAI.2 LIMITE EN
2. For this purpose, eu-LISA shall commit the resources provided to it for the e-CODEX
system in their entirety to its operation under the present regulation, and ensure the
involvement of justice representatives in the management of the e-CODEX system,
pursuant to Articles 11 and 12.
Article 14
Notifications
1. By 31 January of every year after the successful takeover of the e-CODEX system by eu-
LISA, Member States shall notify eu-LISA of the following information:
[…]
(a [...]) the number of technical messages sent and received through [...] each authorised
e-CODEX access point needed for the connected systems [...] within their territory,
grouped by corresponding authorised e-CODEX access point and digital procedural
standard [...], unless an equivalent [...] notification procedure applies under
other [...] Union legal acts;
(b [...]) the number and type of incidents encountered by entities operating authorised e-
CODEX access points needed for the connected systems within the territory of the
Member State and impacting the security of the e-CODEX system, unless an
equivalent [...] notification procedure applies under [...] other [...] Union legal
acts.
2. By 31 January of every year after the successful takeover of the e-CODEX system by
eu-LISA, the Commission shall notify eu-LISA of the following information:
[…]
9005/21 XT/mg 36
ANNEX JAI.2 LIMITE EN
(a [...]) the number of technical messages sent and received through [...] each authorised
e-CODEX access point operated by Union institutions, bodies, offices and agencies,
grouped by corresponding authorised e-CODEX access point and digital procedural
standard [...], unless an equivalent [...] notification procedure applies under [...]
other [...] Union legal acts;
(b [...]) the number and type of incidents encountered by entities operating authorised
e-CODEX access points that are operated by Union institutions, bodies, offices and
agencies and impacting the security of the e-CODEX system, unless an equivalent
[...] notification procedure applies under [...] other [...] Union legal acts.
3. The notifications under paragraphs (1) and (2) shall confirm whether the list of
authorised e-CODEX access points and the list of the digital procedural standards
which they are authorised to apply remain up-to-date.
Article 15
Monitoring and reporting
1. For the first time two years after it takes over responsibility for the e-CODEX system, and
every two years thereafter, eu-LISA shall [...] submit a report to the Commission on the
technical functioning and use of the e-CODEX system, including the security of the
system.
2. eu-LISA shall consolidate the data received from the Commission and the Member States
pursuant to Articles 5(4), 7(1) and 14 and provide the following indicators as part of the
report provided for in paragraph 1:
(a) the list and number of digital procedural standards [...] for which the e-CODEX
system has been used during the reporting period;
9005/21 XT/mg 37
ANNEX JAI.2 LIMITE EN
(b) the number of authorised e-CODEX access points for each Member State and for
each digital procedural standard [...];
[...]
(c [...]) the number of technical messages sent through the system for each digital
procedural standard [...] between each of the authorised e-CODEX access points;
(d [...]) the number and type of incidents impacting the security of the e-CODEX system
and compliance information with the e-CODEX security plan.
3. For the first time, three years after eu-LISA takes over responsibility for the e-CODEX
system, and every four years thereafter, the Commission shall produce an overall
evaluation of the e-CODEX system. That overall evaluation shall include an assessment of
the application of this Regulation and an examination of results achieved against
objectives, and may propose possible future actions. At the time of the first evaluation, the
Commission shall also reexamine the role of the Programme Management Board[...]. The
Commission shall transmit the evaluation report to the European Parliament and the
Council.
Article 16
Amendments to Regulation (EU) 2018/1726
Regulation (EU) 2018/1726 is amended as follows:
(1) in Article 1, the following paragraph 4a is inserted:
“4a. The Agency shall be responsible for the development, operational management,
including technical evolutions, of the computerised system for the electronic
exchange of data [...] in the context of cross-border judicial cooperation in civil
and criminal matters [...] (e-CODEX system.)”;
(2) the following Article 8b is inserted:
9005/21 XT/mg 38
ANNEX JAI.2 LIMITE EN
“Article 8b
Tasks related to the e-CODEX system
In relation to the e-CODEX system, the Agency shall perform:[...]
(a) the tasks conferred on it by Regulation (EU) No XXX/20XX of the European
Parliament and of the Council*;
(b) tasks relating to training on the technical use of the e-CODEX system, including
provision of online training materials.
__________
* on a computerised system for the electronic exchange of data [...] in the context of
cross-border civil and criminal matters [...] (e-CODEX system), and amending Regulation
(EU) 2018/1726 (OJ L …).”;
(3) in Article 14, paragraph 1 is replaced by the following:
“1. The Agency shall monitor developments in research relevant for the operational
management of SIS II, VIS, Eurodac, the EES, ETIAS, DubliNet, ECRIS-TCN,
e-CODEX and other large-scale IT systems as referred to in Article 1(5).”
(4) in Article 19, paragraph 1 is amended as follows:
(a) point (ff) is replaced by the following:
“(ff) adopt reports on the technical functioning of the following:
(i) SIS pursuant to Article 60(7) of Regulation (EU) 2018/1861 of the European
Parliament and of the Council* and Article 74(8) of Regulation (EU)
2018/1862 of the European Parliament and of the Council**;
9005/21 XT/mg 39
ANNEX JAI.2 LIMITE EN
(ii) VIS pursuant to Article 50(3) of Regulation (EC) No 767/2008 and
Article 17(3) of Decision 2008/633/JHA;
(iii) EES pursuant to Article 72(4) of Regulation (EU) 2017/2226;
(iv) ETIAS pursuant to Article 92(4) of Regulation (EU) 2018/1240;
(v) ECRIS-TCN and of the ECRIS reference implementation pursuant to
Article 36(8) of Regulation (EU) 2019/816 of the European Parliament and of
the Council***;
(vi) the interoperability components pursuant to Article 78(3) of Regulation (EU)
2019/817 and Article 74(3) of Regulation (EU) 2019/818;
(vii) the e-CODEX system pursuant to Article 15 [...] of Regulation (EU) XXX of
20XX [this Regulation]
__________
* Regulation (EU) 2018/1861 of the European Parliament and of the Council of
28 November 2018 on the establishment, operation and use of the Schengen
Information System (SIS) in the field of border checks, and amending the Convention
implementing the Schengen Agreement, and amending and repealing Regulation (EC)
No 1987/2006 (OJ L 312, 7.12.2018, p. 14).
** Regulation (EU) 2018/1862 of the European Parliament and of the Council of
28 November 2018 on the establishment, operation and use of the Schengen
Information System (SIS) in the field of police cooperation and judicial cooperation in
criminal matters, amending and repealing Council Decision 2007/533/JHA, and
repealing Regulation (EC) No 1986/2006 of the European Parliament and of the Council
and Commission Decision 2010/261/EU. (OJ L 312, 7.12.2018, p. 56).
9005/21 XT/mg 40
ANNEX JAI.2 LIMITE EN
*** Regulation (EU) 2019/816 of the European Parliament and of the Council of
17 April 2019 establishing a centralised system for the identification of Member States
holding conviction information on third-country nationals and stateless persons
(ECRIS-TCN) to supplement the European Criminal Records Information System and
amending Regulation (EU) 2018/1726 (OJ L 135, 22.5.2019, p. 1).” ;
(b) point (mm) is replaced by the following:
“(mm) ensure annual publication of the following:
(i) the list of competent authorities authorised to search directly the data contained
in SIS pursuant to Article 41(8) of Regulation (EU) 2018/1861 and
Article 56(7) of Regulation (EU) 2018/1862, together with the list of Offices of
the national systems of SIS (N.SIS) and SIRENE Bureaux pursuant to Article
7(3) of Regulation (EU) 2018/1861 and Article 7(3) of Regulation (EU)
2018/1862 respectively;
(ii) the list of competent authorities pursuant to Article 65(2) of Regulation
(EU) 2017/2226;
(iii) the list of competent authorities pursuant to Article 87(2) of Regulation
(EU) 2018/1240;
(iv) the list of central authorities pursuant to Article 34(2) of Regulation
(EU) 2019/816;
9005/21 XT/mg 41
ANNEX JAI.2 LIMITE EN
(v) the list of authorities pursuant to Article 71(1) of Regulation (EU) 2019/817
and Article 67(1) of Regulation (EU) 2019/818;
(vi) the list of authorised e-CODEX access points pursuant to
Article 6(1 [...])(g [...]) of Regulation (EU) XXX of 20XX [on the e-CODEX
system – this Regulation];”;
(5) in Article 27(1), the following point (dc) is inserted:
“(dc) e-CODEX Advisory Group;”.
9005/21 XT/mg 42
ANNEX JAI.2 LIMITE EN
CHAPTER 3
Final provisions
Article 17
Committee procedure
1. The Commission shall be assisted by a committee. That committee shall be a committee
within the meaning of Regulation (EU) No 182/2011.
2. Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall
apply.
Article 18
Costs
1. The costs incurred in the performance of the tasks referred to in Article 6 shall be borne by
the general budget of the European Union.
2. The costs for the tasks referred to in Article 7 and Article 8 shall be borne by the Member
States or [...] the entities operating authorised e-CODEX access points [...].
9005/21 XT/mg 43
ANNEX JAI.2 LIMITE EN
Article 19
Entry into force
This Regulation shall enter into force on the twentieth day following that of its publication in the
Official Journal of the European Union.
This Regulation shall be binding in its entirety and directly applicable in the Member States in
accordance with the Treaties.
Done at Brussels,
For the European Parliament For the Council
The President The President
9005/21 XT/mg 44
ANNEX I JAI.2 LIMITE EN
ANNEX I1
[…]
Software products, documentation and related [...] assets to be handed over to eu-LISA under
Article 9
(1) Central Testing Platform (software product that provides a set of functions which can be used
to verify the correct operation of e-CODEX access points and the correct use of the e-CODEX
digital procedural standards in the connected systems linked to these)
(2) Configuration Management Tool (software product used to assist in the performance of the
task defined in Article 6 (1 […]) (d […])
(3) Metadata Workbench (software product used to assist in the performance of parts of the tasks
defined in Article 6)
(4) EU e-Justice Core Vocabulary (asset for reusable semantical terms and definitions used
to ensure data consistency and data quality over time and across use-cases)
(5) Architecture documentation (documentation [...] used to provide technical and
informative knowledge to stakeholders on the choice of standards to which other assets
of the e-CODEX system [...] must comply)
1 The original Annex I in the initial proposal has been deleted. The current Annex I
corresponds to Annex II of the initial proposal with amendments included.